Faster Payments Service How To Ensure Compliance From AppLabs

AppLabs confidential and restricted circulation 1

Faster Payments Service: How to Ensure Compliance

Dan Martland

9th July 2008


Overview

» Where does FPS fit?» System design» Functional testing» Regression testing» Performance testing» Technical testing» Summary


Where does FPS fit?

Telephony Systems

Web Systems

Back Office Systems

FPS Gateway

FPS Central Infrastructure


System Design (1)

» Understanding Switch behaviour is key to a good design

» Positive behaviour is well documented» All positive message flows are described in the

original FPS documentation

» Negative behaviour is more complex» Understanding of the negative behaviour has evolved

throughout the first wave deployment of FPS» Understanding of both the message sequences and

contents is critical

» The system must be designed for performance

» The design must integrate multiple elements of your systems

» The design must fundamentally change the way some of your systems operate.


System Design (2)

» Fraud checking» Traditionally this is done as a batch process,

overnight and looking at a body of transactions for suspicious patterns of behaviour

» The nature of FPS means each transaction must be assessed individually and in real time

» Customer management» High value customers are often given special

considerations » Pending deposits may be taken in to

consideration when assessing if a payment should be allowed to proceed during batch processing

» FPS means that these decisions must be made in real-time

» FPS will reduce the visibility of incoming transactions as there is no time period when the transaction is known to be happening but has not yet completed.


Functional testing (1)

» Applies to both real time (Web, Telephony) and batch systems (standing orders)

» Analysis is required to determine the necessary test coverage

» Expected behaviour needs to be defined across both your systems and the FPS switch

» As the system is computer-to-computer, precision is very important

» Tools are provided by IPL to simulate the Switch

» The tool set is powerful and so needs to be used correctly

» Real-time systems should be considered for end-to-end test automation using a tool such as QuickTest or QARun.


Functional Testing (2)

» Both positive and negative scenarios need to be tested

» Test systems outputs against the specification for both format and content

» Test against the response from the simulated Switch

» Finalising transactions after a positive response» Cancelling transactions that receive a negative

response» Re-trying when no response is received within a

time limit» Handling multiple responses if there are

timeouts elsewhere in the system

» Institutions will engage in multiple rounds of testing with IPL once their internal testing is completed.


Functional Testing (3)

» Batch systems present specific challenges» Batch suites can involve long chains of programs

which must run in the correct order» Testing the branches of code is dependent on

inserting all the required test data at the beginning of the process

» Batch systems often refer to extensive reference material such as financial histories which are difficult to simulate in testing

» Data is often highly date dependent which provides an ongoing challenge through out testing

» Analysis and preparation are key to overcoming these factors

» The sheer volume of output batch systems tend to generate causes additional challenge when analysing results

» FPS is a hybrid of batch and real-time, increasing the challenges.


Regression Testing

» Analysis is needed to: » Understand what systems are touched by changed

applications

» Identify key functionality that must be verified

» Testing will be spread across multiple systems» Documenting expected behaviour is critical

» Multiple waves of regression testing may be required» Makes a strong case for building an automated

regression test pack.


Performance Testing

» The whole purpose of FPS is to make things quicker!

» The system has SLAs in place for responding to individual messages» Failure to hit those SLAs mean transactions

will be reversed or rejected

» IPL require multiple rounds of performance testing before an institution can join the scheme

» Performance testing the solution means loading all your input channels (web, telephony, back-office) and these may all require different technical solutions

» IPL sourced tools can be built upon to generate incoming traffic on your system.


Technical Testing

» Connectivity:» The FPS solution is split across four sites and has

duplication of every major component» Managing security keys with the Switch has

challenged the Members

» Each institution has a specific number of channels available to them for their transactions

» Using these efficiently has proven challenging for the Members

» Reliability and Resilience:» FPS is a 24/7 system» Your solution should support this e.g. by allowing

updates without interruption to service

» These features need to be tested before going live on the service.


Summary

» FPS requires a broad range of testing for successful implementation

» The system is complex and its behaviour needs to be well understood

» The solution is technically complex and requires a range of testing approaches to be used

» Testing should be factored in to the overall project work from the beginning

» The temptation to squeeze testing timescales must be resisted

» IPL have formal testing quality gates that must be passed through before an institution can join the scheme.


Contact Us

Please send questions and queries to:

[email protected]

Thank you for your interest

mailto:[email protected]

Faster Payments Service How To Ensure Compliance From AppLabs

Technology

Transcript of Faster Payments Service How To Ensure Compliance From AppLabs